Vulnerability Details CVE-2009-4595
SQL injection vulnerability in index.php in PHP Inventory 1.2 allows remote authenticated users to execute arbitrary SQL commands via the sup_id parameter in a suppliers details action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.0%
CVSS Severity
CVSS v2 Score 6.0
Products affected by CVE-2009-4595
-
cpe:2.3:a:phpwares:php_inventory:1.2